Azure Security Specialist at Illinois Full time

Roles and Responsibilities:

1. Demonstrate deep experience with securing mission critical cloud applications in Microsoft Azure
2. Orchestrate the security layer across custom developed and Commercial products deployed on Azure as an integrated solution
3. Demonstrate good understanding of Azure Compliance Blueprints, Compliance Dashboards
4. Create strategy to manage PCI/PII compliance controls through Azure Automation
5. Deliver security layer as code using Azure CLI, ARM templates, Shell Scripts and not just as Visio Diagrams
6. PAAS Security:
7. Drive the security architecture and implementation for APIs and Microservices deployed on Azure Kubernetes Services, Azure App Services, Logic Apps and Functions
8. Implement best practices for application secrets management using Azure Key Vault or Hashicorp Vault, with the ability to recommend one versus the other based on use cases
9. Container Security:
10. Demonstrate understanding of container security concepts, Kubernetes architecture, service to service communication
11. Design Ingress control and Kubernetes security policies with nginx, Azure Application Gateway
12. Data security:
13. Create blueprint for data security in transit and at rest including the ability to recommend Azure database offerings and storage services based on the security requirements
14. Demonstrate deep understanding on topics like Data Exfiltration, Data Loss Prevention and Data Redaction
15. Network and Platform Security:
16. Design and implement the best practices as code using Azure CLI and/or ARM Templates for virtual network security, user defined routing and network security groups
17. Design isolation of applications, data and other PAAS services using Service Endpoints, ASE and other techniques
18. Identity Management:
19. Design identity management solutions with Azure AD, Azure AD B2C, Okta, Ping Identity and other modern identity solutions for internal users and customer identities
20. Integrate OAuth into applications, APIs, Microservices
21. Work with Azure Managed Service Identities for Application to Application or Application to Azure Services scenarios
22. Azure DevOps:
23. Ability to work with Azure DevOps Pipelines and Releases to deliver security-as-code in the CI/CD environment

Certifications:

1. AZ-500

Primary Skills:

1. Azure CLI and Powershell
2. Container platforms and tools - Kubernetes, Docker, Azure Kubernetes Service, Azure Container Service
3. Azure Networking – Azure Virtual Networks, ExpressRoute, Site-to-Site VPN, NSG, App Service Environment
4. Azure PAAS Services Security and Provisioning – Azure API Management Policies, Azure App Service, Event Hubs, Service Bus, Cosmos DB, Azure SQL
5. Identity Management – Azure Managed Service Identities, Azure AD, Azure AD B2C, Open ID Connect
6. Cloud Security – Azure Key Vault, HSTS, SSL/TLS Ingress Control, Certificate management, Azure Security Center, Threat Detection, Container Security tools e.g. Twistlock
7. Cloud monitoring – Experience with Azure Sentinel, Azure Log Analytics, Azure Monitor, SysDig, Application Insights